'

AMD confirms that their products are unaffected by Fallout and RIDL vulnerabilities

Intel processors are impacted by these security flaws

AMD confirms that their products are unaffected by Fallout and In-Flight Data Load vulnerabilities

AMD confirms that their products are unaffected by Intel's Fallout and RIDL vulnerabilities

Advanced Micro Devices (AMD) has released a statement which confirmed that the company's processors are not vulnerable to the speculative execution vulnerabilities known as Fallout and RILD (Rogue In-Flight Data Load), two vulnerabilities which were recently uncovered on Intel's recent x86 processors (More information here).  

In their statement, AMD claims that their products are built "with security in mind" and that the company's internal analysis and discussions with security researchers have confirmed that both RILD and Fallout do no affect the company's processors. AMD's language states that they "believe" their processors are not susceptible, though reading past the legalese it seems clear that as far as AMD is concerned (at least internally), their products are safe.  

AMD's statement on their Product Security microsite makes no mention of Intel's ZombieLoad attack, though official statements (Guruof3D) to other websites have confirmed that ZombieLoad poses no threat to AMD's products. At this time it appears that AMD's implementation of SMT is more secure than Intel's, though it is worth noting that Intel's processors are more prevalent and likely has more security analysts probing them for weaknesses.  

 

    At AMD we develop our products and services with security in mind. Based on our analysis and discussions with the researchers, we believe our products are not susceptible to ‘Fallout’ or ‘RIDL’ because of the hardware protection checks in our architecture. We have not been able to demonstrate these exploits on AMD products and are unaware of others having done so.

For more information, see our new whitepaper, titled “Speculation Behavior in AMD Micro-Architectures.”

AMD confirms that their products are unaffected by Fallout and In-Flight Data Load vulnerabilities  

Why aren't AMD's CPUs vulnerable to the same exploits as their Intel counterparts? The simple answer is that AMD's CPUs are based on a fundamentally different design, as while SMT is available with Ryzen, memory handling and security are implemented differently, making AMD immune to the security weaknesses of Intel's core processors. 

In fairness, the reverse is also true for Intel, as if a similar flaw was found inside AMD's Ryzen CPUs, Intel would likely be immune to it. That said, Intel remains as the king of the x86 market, both in client systems and in servers, making them the more attractive target for security researchers and analysts. It makes more sense to look for flaws inside Intel processors, as such flaws would undoubtedly impact a larger userbase. In this respect, sometimes it isn't good to be the king. 

You can join the discussion on AMD's confirmation that their processors are not impacted by Fallout or RIDL on the OC3D Forums

«Prev 1 Next»

Most Recent Comments

15-05-2019, 11:37:35

NeverBackDown
Another reason for AMD not being as vulnerable is the design was created only a few years ago vs Intel has over a decade maybe closer to 15 years on the "i" series of CPUs. While it's being updated and revised, it still has similar basic principles in design from all the way back.

AMD has had the benefit of a newer architecture with the research and documents already created for mitigations. Though they that doesn't make them invulnerable.Quote

15-05-2019, 17:23:36

looz
Also the amount of money Intel has poured in trying to optimise branch prediction is pretty immense, and when these exploits weren't in the radar, I guess they've gone down a path which is very prone to side channel attacks.Quote

16-05-2019, 07:56:00

Warchild
Quote:
Originally Posted by NeverBackDown View Post
Another reason for AMD not being as vulnerable is the design was created only a few years ago vs Intel has over a decade maybe closer to 15 years on the "i" series of CPUs. While it's being updated and revised, it still has similar basic principles in design from all the way back.

AMD has had the benefit of a newer architecture with the research and documents already created for mitigations. Though they that doesn't make them invulnerable.
Well face it. If the problem is in the foundation of Intel, no amount of fixes will help. Basically needs to go back to formula.Quote
Reply
x

Register for the OC3D Newsletter

Subscribing to the OC3D newsletter will keep you up-to-date on the latest technology reviews, competitions and goings-on at Overclock3D. We won't share your email address with ANYONE, and we will only email you with updates on site news, reviews, and competitions and you can unsubscribe easily at any time.

Simply enter your name and email address into the box below and be sure to click on the links in the confirmation emails that will arrive in your e-mail shortly after to complete the registration.

If you run into any problems, just drop us a message on the forums.